Re: [Idr] I-D Action: draft-ietf-idr-next-hop-capability-03.txt

<bruno.decraene@orange.com> Thu, 28 June 2018 08:12 UTC

From: bruno.decraene@orange.com
To: Randy Bush <randy@psg.com>
CC: "idr@ietf.org" <idr@ietf.org>
Date: Thu, 28 Jun 2018 08:12:35 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ovhIsNMyRqPhcDgbMvBLO3vWh7U>

Hi Randy,

[Trimming the list to IDR]

 > -----Original Message-----
 > From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Randy Bush
 > Sent: Thursday, June 28, 2018 3:47 AM
 > To: internet-drafts@ietf.org
 > Cc: idr@ietf.org; i-d-announce@ietf.org
 > Subject: Re: [Idr] I-D Action: draft-ietf-idr-next-hop-capability-03.txt
 > 
 > from the sec cons
 > 
 >     an operator who is relying on the information carried in BGP must have a
 >     transitive trust relationship back to the source of the information.
 >     Specifying the mechanism(s) to provide such a relationship is beyond the
 >     scope of this document.
 > 
 > call the security police!
 
This is intended to be just stating a fact.
Would you mind elaborating on your comment?

Coming back to this document, the attribute is related to the node indicated in the BGP NEXT_HOP, which is usually not far away from you, including from a trust perspective. Also, this attribute is explicitly removed when the NEXT_HOP is changed, and the attribute is non-transitive.
Finally, the first application is for labelled (MPLS) routes which typically imply a trust boundary.

Thanks,
Regards,
--Bruno
 
 > randy

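The propagation scope described in the reply above (a non-transitive attribute that is also removed when NEXT_HOP changes), as an added example that is not part of the original message or of the draft's text. It parses a constructed Path Attributes field with the RFC 4271 flag bits and shows what three kinds of speaker would re-advertise. The type code 255 for the next-hop capability attribute, its 2-byte value, the addresses, and the rule that an aware speaker which keeps NEXT_HOP also keeps the attribute are assumptions of this sketch.

```python
import struct

OPTIONAL, TRANSITIVE, PARTIAL, EXT_LEN = 0x80, 0x40, 0x20, 0x10  # RFC 4271 flag bits
ORIGIN, NEXT_HOP, COMMUNITIES = 1, 3, 8   # assigned type codes
NH_CAPABILITY = 255   # placeholder type code for this sketch, not the assigned value

# Constructed Path Attributes field: ORIGIN, NEXT_HOP 192.0.2.1,
# COMMUNITIES 65000:100, and a constructed 2-byte next-hop capability value.
SAMPLE = bytes.fromhex("40010100" "400304c0000201" "c00804fde80064" "80ff020001")

def parse_attrs(buf):
    """Split a Path Attributes field into (flags, type, value) tuples."""
    out, i = [], 0
    while i < len(buf):
        hdr = 4 if buf[i] & EXT_LEN else 3          # 2-byte length if Extended Length
        if i + hdr > len(buf):
            raise ValueError("truncated attribute header")
        flags, code = buf[i], buf[i + 1]
        length = struct.unpack_from("!H", buf, i + 2)[0] if hdr == 4 else buf[i + 2]
        i += hdr
        if i + length > len(buf):
            raise ValueError("attribute value overruns the field")
        out.append((flags, code, buf[i:i + length]))
        i += length
    return out

def readvertise(attrs, known, new_next_hop=None):
    """Attributes one speaker passes on; new_next_hop is set when it rewrites NEXT_HOP."""
    # Assumption: an aware speaker that keeps NEXT_HOP also keeps the attribute.
    out = []
    for flags, code, value in attrs:
        if flags & OPTIONAL and code not in known:
            if not flags & TRANSITIVE:
                continue                  # unrecognized non-transitive: never passed on
            flags |= PARTIAL              # unrecognized transitive: passed on, marked Partial
        if new_next_hop is not None:
            if code == NH_CAPABILITY:
                continue                  # described the old next hop, so it is removed
            if code == NEXT_HOP:
                value = new_next_hop
        out.append((flags, code, value))
    return out

def type_codes(attrs):
    return [code for _, code, _ in attrs]

if __name__ == "__main__":
    received, aware = parse_attrs(SAMPLE), {ORIGIN, NEXT_HOP, COMMUNITIES, NH_CAPABILITY}
    print("legacy speaker     ", type_codes(readvertise(received, {ORIGIN, NEXT_HOP})))
    print("aware reflector    ", type_codes(readvertise(received, aware)))
    print("aware border router", type_codes(readvertise(received, aware, bytes([198, 51, 100, 1]))))
```

The contrast with COMMUNITIES is the point: an unrecognized transitive attribute keeps travelling with the Partial bit set, while the non-transitive one stops at the first speaker that either does not understand it or rewrites the next hop.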